Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-04-19 04:20:00 |
India expected to surpass the UK for second place in payment card fraud (lien direct) |
Prices for stolen Indian payment cards has also gone up by 150% in 2018 to around $17/card. |
|
|
|
|
2019-04-18 22:26:00 |
Google bans logins from embedded browser frameworks to prevent MitM phishing (lien direct) |
Google previously banned logins initiated from browsers where JavaScript had been disabled. |
|
|
|
|
2019-04-18 19:49:00 |
Facebook admits to storing plaintext passwords for millions of Instagram users (lien direct) |
Last month, Facebook admitted to storing plaintext passwords for hundreds of millions of Facebook accounts. |
|
|
|
|
2019-04-18 11:26:00 |
Shopify API flaw offered access to revenue data of thousands of stores (lien direct) |
Updated: The bug was accepted as valid, but the researcher wasn't paid. |
|
|
|
|
2019-04-18 11:14:01 |
Facebook harvested 1.5 million user email contacts without permission (lien direct) |
The “unintentional uploads” have taken place since 2016. |
|
|
|
|
2019-04-18 11:07:04 |
Mobile app used in Car2go fraud scheme to steal 100 vehicles (lien direct) |
Services have been temporarily paused in Chicago to investigate the incident. |
|
|
|
|
2019-04-18 08:19:00 |
Former student destroys 59 university computers using USB Killer device (lien direct) |
He also destroyed seven computer monitors and computer-enhanced podiums that had open USB slots. |
|
|
|
|
2019-04-17 23:24:00 |
Source code of Iranian cyber-espionage tools leaked on Telegram (lien direct) |
APT34 hacking tools and victim data leaked on a secretive Telegram channel since last month. |
|
APT 34
|
|
|
2019-04-17 19:17:00 |
Cyber-security firm Verint hit by ransomware (lien direct) |
In an extreme case of irony, ransomware hits cyber-security firm. |
Ransomware
|
|
|
|
2019-04-17 13:00:01 |
Bad bots now make up 20 percent of web traffic (lien direct) |
Mimicking human mouse movements is only one of many tactics used to fly under the radar. |
|
|
|
|
2019-04-17 11:16:03 |
Russia supports bill to isolate the Internet, promote censorship (lien direct) |
It is feared the bill will give the country its own version of China's Great Firewall. |
|
|
|
|
2019-04-17 09:43:00 |
Microsoft loses control over Windows Tiles subdomain (lien direct) |
Subdomain currently in the possession of a German security researcher, preventing any abuse. |
|
|
|
|
2019-04-16 21:43:01 |
Malvertising campaign abuses Chrome for iOS bug to target iPhone users (lien direct) |
Bug affects only Chrome for iOS, not Safari and not any other Chrome version. |
|
|
|
|
2019-04-16 18:31:00 |
EU: No evidence of Kaspersky spying despite \'confirmed malicious\' classification (lien direct) |
European Commission "not in possession of any evidence regarding potential issues related to the use of Kaspersky Lab products." |
|
|
|
|
2019-04-16 15:17:00 |
Crooks use digger to steal ATMs in Northern Ireland as ATM physical attacks rise across the EU (lien direct) |
ATM attacks using gas or solid explosives have spread to an eleventh EU country. |
|
|
|
|
2019-04-16 10:41:02 |
Adblock Plus filters can be abused to execute malicious code in browsing sessions (lien direct) |
The vendor was not aware of the problem until public disclosure. |
|
|
|
|
2019-04-16 08:17:00 |
Adobe Flash security tool Flashmingo debuts in open source community (lien direct) |
Flashmingo can be used to automatically search for Flash vulnerabilities and weaknesses. |
Tool
|
|
|
|
2019-04-16 08:00:00 |
Scranos rootkit expands operations from China to the rest of the world (lien direct) |
Rise of new multi-functional rootkit-backdoor-infostealer-adware strain worries researchers. |
|
|
|
|
2019-04-15 22:33:00 |
Mozilla wants Apple to change users\' iPhone advertiser ID every month (lien direct) |
Change will make it harder for advertisers to build exhaustive profiles on iOS users. |
|
|
|
|
2019-04-12 11:32:00 |
US probe prompts Russia-linked Pamplona to sell stake in cybersecurity firm Cofense (lien direct) |
There has been "strong interest" in the sale. |
|
|
|
|
2019-04-12 11:09:03 |
NoScript extension officially released for Google Chrome (lien direct) |
After more a decade, NoScript is finally available for Chrome users. |
|
|
★★★★★
|
|
2019-04-12 08:48:05 |
Internet Explorer zero-day lets hackers steal files from Windows PCs (lien direct) |
Microsoft refused to patch issue so security researcher released exploit code online. |
|
|
★★★
|
|
2019-04-12 08:44:00 |
Matrix.org hack forces servers offline, encrypted chat history lost (lien direct) |
Matrix.org suffered a cyberattack which forced the group to boot all of their users out of the system. |
Hack
|
|
★★★
|
|
2019-04-11 23:38:05 |
Microsoft publishes SECCON framework for securing Windows 10 (lien direct) |
Microsoft publishes simple guide for securing Windows 10 PCs based on five DEFCON-like security access levels. |
|
|
★★
|
|
2019-04-11 21:18:05 |
Some enterprise VPN apps store authentication/session cookies insecurely (lien direct) |
VPN apps from Cisco, F5, Palo Alto Networks, and Pulse Secure found vulnerable. |
|
|
★★★★
|
|
2019-04-11 17:16:00 |
Emotet hijacks email conversation threads to insert links to malware (lien direct) |
Emotet gang takes their operation to a whole new level, showing why they're today's most dangerous malware. |
Malware
|
|
★★
|
|
2019-04-11 12:15:02 |
Two out of three hotels leak your sensitive data (lien direct) |
Guest booking and personal customer data are being leaked to analytics and advertising companies. |
|
|
★★
|
|
2019-04-11 10:39:05 |
Amazon employees listen in to your conversations with Alexa (lien direct) |
A report suggests you may have eavesdroppers in your living room. |
|
|
★★★★★
|
|
2019-04-11 10:07:00 |
Julian Assange arrested by UK police, charged with hacking in the US (lien direct) |
Live updates: US DOJ indicts Assange on hacking charges, confirms extradition request. |
|
|
★★
|
|
2019-04-10 21:34:00 |
Mailgun hacked part of massive attack on WordPress sites (lien direct) |
Spray-and-pray hacking campaign hits Mailgun's WordPress site and redirects users to malicious sites. |
|
|
|
|
2019-04-10 19:13:03 |
US government publishes details on North Korea\'s HOPLIGHT malware (lien direct) |
DHS and FBI publish their sixteenth report on North Korean malware. |
Malware
|
|
|
|
2019-04-10 17:01:00 |
Google Chrome engineers want to block some HTTP file downloads (lien direct) |
Google wants to prevent some file types from being downloaded via HTTP when the website domain shows HTTPS. |
|
|
|
|
2019-04-10 15:26:00 |
Triton hackers return with new, covert industrial attack (lien direct) |
Traces of the group have been found at a fresh critical infrastructure facility by researchers. |
|
|
|
|
2019-04-10 11:58:03 |
Adobe patch update squashes critical code execution bugs (lien direct) |
The security fixes impact eight Adobe software products including Flash and Reader. |
|
|
|
|
2019-04-10 10:48:05 |
Yahoo data breach settlement effort reaches $117.5 million (lien direct) |
$50 million was too low for one of the largest data breaches on record. |
Data Breach
|
Yahoo
|
|
|
2019-04-10 00:36:03 |
Former Senate IT intern admits to doxing US senators on Twitter and Wikipedia (lien direct) |
Staffer enraged by Kavanaugh hearing admits to doxing Republican senators. |
|
|
|
|
2019-04-09 23:01:00 |
Senators introduce bill to ban \'dark patterns\' on big tech platforms (lien direct) |
Senators propose new Deceptive Experiences To Online Users Reduction (DETOUR) Act. |
|
|
|
|
2019-04-09 19:09:00 |
(Déjà vu) Microsoft\'s April Patch Tuesday comes with fixes for two Windows zero-days (lien direct) |
April 2019 Patch Tuesday comes with 74 security fixes, including patches for two Windows zero-days. |
|
|
|
|
2019-04-09 17:10:00 |
Tens of thousands of cars were left exposed to thieves due to a hardcoded password (lien direct) |
A patch was rolled out in mid-February and the hardcoded credentials revoked. |
|
|
|
|
2019-04-09 15:00:00 |
Grab-and-go Baldr malware enters the black market (lien direct) |
Baldr has been linked to three prominent hackers in the Russian underground. |
Malware
|
|
|
|
2019-04-09 13:32:00 |
Reveton ransomware distributor sentenced to six years in prison in the UK (lien direct) |
Zain Qaiser made at least $915,000 (£700,000) from Reventon ransom payments. |
Ransomware
|
|
|
|
2019-04-09 11:03:00 |
US regulators dash Amazon hopes to stop investor vote on gov\'t facial recognition tech sales (lien direct) |
Amazon wanted to stop shareholders from having a say on the sale of tech to the US government. SEC said no. |
|
|
|
|
2019-04-09 09:30:04 |
AeroGrow discloses data breach, card skimming malware blamed (lien direct) |
The malware remained undetected for at least four months. |
Malware
|
|
|
|
2019-04-09 07:20:00 |
Cybercrime market selling full digital fingerprints of over 60,000 users (lien direct) |
Genesis service is selling users' personal data, complete with digital fingerprints, such as account credentials, cookies, browser user-agent details, and more. |
|
|
|
|
2019-04-09 07:00:00 |
LockerGoga: It\'s not all about the ransom (lien direct) |
Updated: In some cases, LockerGoga makes it very difficult to pay blackmail demands to decrypt systems. |
|
|
|
|
2019-04-08 21:25:00 |
Security researchers discover iOS version of Exodus Android spyware (lien direct) |
Exodus iOS spyware used against Italian and Turkmenistan users. |
|
|
|
|
2019-04-08 14:59:00 |
EU to check for GDPR violations in Microsoft\'s contracts with EU institutions (lien direct) |
EU starts investigation of Microsoft's contracts with EU institutions after Dutch government report. |
|
|
|
|
2019-04-08 11:52:03 |
Cybercrime group FIN6 evolves from POS malware to ransomware (lien direct) |
FireEye: FIN6 group is now deploying the Ryuk and LockerGoga ransomware strains on the networks of hacked companies from where it cannot steal POS data. |
Ransomware
Malware
|
|
|
|
2019-04-08 11:21:01 |
Police use AI to track down cryptocurrency Ponzi scheme swindlers (lien direct) |
The perpetrators allegedly scammed $18.7 million from the elderly and retirees. |
|
|
|
|
2019-04-08 10:01:03 |
TrickBot Trojan seeks out weak human links in business to profit from the tax season (lien direct) |
The info-stealing malware is banking on your taxman fears in a new wave of attacks. |
Malware
|
|
|